[Openid-specs-fapi] Google announced "Powering AI commerce with the new Agent Payments Protocol (AP2)"
Nat Sakimura
nat at sakimura.org
Wed Sep 17 12:34:12 UTC 2025
I came across the news that Google announced "Powering AI commerce with the
new Agent Payments Protocol (AP2)" this morning, my time (i.e. like 14 hours
ago).
I have not grasped the protocol yet, but it is based on the A2A protocol
and uses OAuth. Specifically, the "Sample Credential Provider Agent Card"
code snippet within the technical implementation section of AP2
Specification [3] shows OAuth2 as part of its security configuration. This
seems to indicate that a Credential Provider (CP) uses OAuth2 for
skills such as get_payment_methods, which retrieves a user's payment
methods.
The configuration includes details for the authorizationCode flow,
specifying an authorizationUrl, scopes (particularly for get_payment_methods),
and a tokenUrl. This seems to indicate that OAuth2 is used by Credential
Providers within the AP2 ecosystem to secure access to users' payment
credentials.
Intuit, Mastercard, and Okta seem to be contributing to it.
*10 Key Points of Agent Payments Protocol (AP2)*
1. *Launch and Purpose*: AP2 is an *open protocol launched by Google on
September 16, 2025*, developed with over 60 leading payments and technology
companies. Its purpose is to *securely initiate and transact agent-led
payments across platforms*.
2. *Extension of Existing Protocols*: It functions as an *extension of the
Agent2Agent (A2A) protocol and Model Context Protocol (MCP)*.
3. *Payment-Agnostic Framework*: AP2 establishes a *payment-agnostic
framework*, enabling secure transactions across all payment methods,
including credit/debit cards, stablecoins, and real-time bank transfers.
4. *Addressing AI Agent Payment Challenges*: It addresses critical
questions arising from AI agents transacting on behalf of users, such
as *authorization, authenticity, and accountability*, which challenge
traditional payment system assumptions.
5. *Trust through Mandates*: AP2 builds trust using *Mandates*—tamper-proof,
cryptographically-signed digital contracts that serve as verifiable proof
of user instructions. These are signed by *verifiable credentials (VCs)*.
6. *Two User Scenarios*: Mandates support two primary user interaction
scenarios:
◦ *Real-time Purchases (human present)*: An "Intent Mandate" is
captured, and user approval signs a "Cart Mandate" for specific items and
prices.
◦ *Delegated Tasks (human not present)*: A detailed "Intent Mandate" is
signed upfront with rules, allowing the agent to automatically generate a
"Cart Mandate" when conditions are met.
7. *Non-Repudiable Audit Trail*: The complete sequence from intent to cart
to payment creates a *non-repudiable audit trail*, providing a clear
foundation for accountability by answering questions of authorization and
authenticity.
8. *Enabling New Commerce Experiences*: AP2's flexible design supports new
commercial models like *smarter shopping, personalized offers, coordinated
tasks, and B2B applications* for autonomous procurement.
9. *Support for Emerging Payment Systems*: It is designed as a universal
protocol for *stablecoins and cryptocurrencies*, with Google collaborating
with Coinbase and others to launch the *A2A x402 extension* for agent-based
crypto payments.
10. *Open Collaboration and Evolution*: Google is committed to evolving AP2
through an *open, collaborative process*, including engagement with
standards bodies, and invites the entire payments and technology community
to contribute via its public GitHub repository.
*References*
1. Google Blog: Powering AI commerce with the new Agent Payments
Protocol (AP2)
https://cloud.google.com/blog/products/ai-machine-learning/announcing-agents-to-payments-ap2-protocol?hl=en
2. Agent Payments Protocol (AP2):
https://github.com/google-agentic-commerce/AP2
3. AP2 Specification:
https://ap2-protocol.org/specification/#71-illustrative-transaction-flow
4. A2A x402 Extension:
https://github.com/google-agentic-commerce/a2a-x402
Best,
Nat Sakimura
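
An added example, not part of the original message and not code from the AP2 specification: a small lint for the OAuth2 block of a Credential Provider Agent Card like the one the message describes (authorizationCode flow with an authorizationUrl, tokenUrl and a get_payment_methods scope). The `securitySchemes`/`type`/`flows` key layout is assumed to follow the OpenAPI style, and `SAMPLE_CARD`, its URLs and `lint_oauth2` are constructed for illustration.

```python
from urllib.parse import urlparse

# Constructed sample card fragment (not copied from the AP2 specification).
# Assumption: securitySchemes/type/flows follow the OpenAPI-style layout.
SAMPLE_CARD = {
    "name": "ExampleCredentialProvider",
    "securitySchemes": {
        "oauth2": {
            "type": "oauth2",
            "flows": {
                "authorizationCode": {
                    "authorizationUrl": "https://cp.example/oauth/authorize",
                    "tokenUrl": "https://cp.example/oauth/token",
                    "scopes": {"get_payment_methods": "Read payment methods"},
                }
            },
        }
    },
}

# Grant types the OAuth 2.0 Security BCP (RFC 9700) advises against.
LEGACY_FLOWS = {"implicit", "password"}

def _https(url):
    """True for an absolute https URL with a host and no fragment."""
    p = urlparse(url or "")
    return p.scheme == "https" and bool(p.hostname) and not p.fragment

def lint_oauth2(card, required_scope="get_payment_methods"):
    """Return a list of findings for every oauth2 scheme in the card."""
    schemes = {n: s for n, s in card.get("securitySchemes", {}).items()
               if s.get("type") == "oauth2"}
    if not schemes:
        return ["no oauth2 security scheme declared"]
    findings = []
    for name, scheme in schemes.items():
        flows = scheme.get("flows", {})
        for legacy in sorted(LEGACY_FLOWS & flows.keys()):
            findings.append(f"{name}: legacy flow '{legacy}' is offered")
        code = flows.get("authorizationCode")
        if code is None:
            findings.append(f"{name}: authorizationCode flow missing")
            continue
        for key in ("authorizationUrl", "tokenUrl"):
            if not _https(code.get(key)):
                findings.append(f"{name}: {key} must be https, no fragment")
        if required_scope not in code.get("scopes", {}):
            findings.append(f"{name}: scope '{required_scope}' not declared")
    return findings
```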